SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2020-07-14T12:30:14

Updated: 2024-08-04T08:55:22.221Z

Reserved: 2020-01-08T00:00:00

Link: CVE-2020-6287

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-07-14T13:15:13.000

Modified: 2022-04-28T18:57:30.580

Link: CVE-2020-6287

cve-icon Redhat

No data.